The present invention relates to a storage apparatus, an access control apparatus for a recording medium and an access control method for a recording medium, having a function of preventing a third party from unjustly accessing to the recording medium using a password. More particularly, this invention relates to a technology for improving the security by recording a coded password produced by coding a user password with a one-way function on the recording medium.
In recent years, storage apparatuses including various types of recording media are being developed. In particular, with the spread of personal computers, the storage apparatuses generally use removable media, such as magneto-optical disks, floppy disks, and optical disks as the recording media. Although the recording media of this type have the advantage of easy handling because of their small size and light weight, they have also the disadvantages that they can easily be taken away by a third party and the data can easily be stolen or altered. Therefore, passwords or the like have been conventionally used to prevent stealing and alteration of the data.
In a conventional storage apparatus, in order to improve the security by preventing unauthorized access (reading/writing and deletion) by a third party, a password is set in advance in a recording medium and an internal memory of the device. When a user inputs a password (the user may be an authorized person or a third party), it is compared with the already recorded password, and access to the recording medium is permitted only when the two passwords match.
The storage apparatus explained above is described in detail in Japanese Patent Application Laid-Open Nos. SHO 57-150117, SHO 60-189531, SHO 63-175955, and HEI 01-309120. In a storage apparatus of this type, the password recorded in the recording medium and internal memory of the device is an unprocessed data, namely which has not been subjected to any processing, or data which is almost analogous to the unprocessed data.
Such an access control by password checking is useful when, for example, a removable recording medium on which images, music data, application programs, or the like are recorded is to be rent to the user. In other words, in this case, by recording a password on a recording medium, it is possible to permit only a specified user to access to the recording medium.
By the way, it is mentioned in the above that a password written in the recording medium and the internal memory of the device is unprocessed data or almost analogous to the unprocessed data. Even when the password is unprocessed data, it is possible to prevent unauthorized access by general users by performing the above-described password checking or by recording the password in a recording area which can not be read by any known command.
However, in a service center providing a maintenance service (for defects) for the storage apparatus and the recording medium, when a service person inputs a hidden maintenance command categorized as a xe2x80x9cservice commandxe2x80x9d, the user password can be read out from the recording medium. Moreover, there is another method of physically obtaining the password with the use of a test and repair tool. Thus, a malicious service person can obtain the user password using the service command and access to the recording medium with the use of this user password. In short, it is actually possible to steal, alter and delete data on the recording medium in the service center, and hence it would be a serious security hole.
Such security problems may be solved by following the procedure shown in FIG. 6. Specifically, when a recording medium (including a storage apparatus) has some defect, the user U1 (or the user U2) brings the defective recording medium to the service center SV1 (or the service center SV2). In this case, in order to avoid the security hole, the authority in the service center SV1 or SV2 only listens to the problems with the recording medium, but does not actually provide a service to the defect.
The recording medium is then sealed for confidential reasons in the service center SV1 or SV2 and sent to an expert H. The expert H is a person who is exclusively appointed for providing a service to defects and it is supposed that he does not do anything with the data inside. The expert H analyzes the defect in the recording medium, and then informs the user U1 (or the user U2) of the result of analysis and returns the recording medium to the user U1 (or the user U2).
However, according to the procedure shown in FIG. 6, in order to achieve a quick reply/return to the user U1 (user U2), it is necessary to employ many experts H who are hired at high salary. Consequently, there is a problem that the costs of service and maintenance are increased.
Moreover, if many experts H are hired, it would raise a possibility that the information relating to the above-mentioned service command is leaked out to general users. In such a case, because a certain user might know a user password of a recording medium belonging to another person and unjustly access to the recording medium, an authorized user will be anxious. Therefore, the quality of the customer service will be lowered. Meanwhile, a magnetic strip card as another example of the recording medium also assures the security by password checking. In the case of the magnetic strip card, however, the password can be obtained by applying magnetic powder or the like to a recorded area, without using a special device.
In view of the above-mentioned problems, an object of the present invention is to provide a storage apparatus, an access control apparatus for a recording medium and an access control method for a recording medium, capable of improving the security of the recording medium, reducing the costs of service and maintenance, and improving the customer service.
According to one aspect of this invention, when the user inputs a password, a coding unit codes this password using a one-way function. A password coded in the same manner is already stored in the recording medium and a reading unit reads this password. A checking unit compares the password (coded) input by the user and the password read out from the recording medium. An access control unit permits the access to the recording medium if the two passwords match and prohibits the access when they do not. The password input by an unauthorized person will not match with the password recorded on the recording. Therefore, access to the recording medium by the unauthorized person can be prohibited.
The xe2x80x9cone-way functionxe2x80x9d means a function having such characteristics that a value Y (in this case, the coded password) of the function is relatively easily obtained from an input Y (in this case, the user password), but it is difficult to obtain an input x from the value Y based on the current mathematical knowledge. For instance, it has been known that it is relatively easy to multiply large prime numbers together, but it is difficult to obtain the original two prime numbers by resolving the product into factors. Moreover, for prime numbers p and q, it has been known that it is easy to calculate the power of the prime number p with the prime number q as a devisor, but it is extremely difficult to perform the reverse calculation, for certain values of the prime numbers p and q.
Further, since the one-way function is used in order to code the passwords, the third party (including a service person for maintaining the recording medium, etc.) can not derive the user password from the coded password because of the characteristics of the one-way function. Thus, according to the invention of the above aspect, since in reality the third party can not obtain the user password by using whatever means, it is possible to prevent unauthorized access to the recording medium, thereby achieving a significant improvement in the security.
Moreover, since a highly secure recording medium can be provided for the users, the customer service can be improved. Furthermore, according to the invention of the above aspect, since a service person (general operator or part-time operator) hired at a lower salary than an expert may provide a service to the defect in the recording medium while assuring the security, it is possible to lower the costs of service and maintenance.
Further, when setting a user password, the coding unit produces the old coded password and the new coded password by coding the old user password and the new user password, respectively, with the one-way function. Then, the checking unit compares the old coded password and the coded password read out from the recording medium, and the setting unit writes the new coded password on the recording medium only when the checking unit judges that these coded passwords match.
Thus, when setting or changing a user password, whether or not a user performing the setting is an authorized person is checked by password checking, and a new coded password is written on the recording medium only when the passwords match. Thus, the security is assured even after the setting.
According to another aspect of this invention, when a user password is input, the coding unit produces a coded password from the user password input by the user with the use of the one-way function. Next, the checking unit compares the produced coded password and a coded password read out from the recording medium. Then, the access control unit permits access to the recording medium only when the passwords compared by the checking unit match. Thus, when a wrong password is input by an unauthorized third party, the checking unit judges that the passwords do not match, and access to the recording medium is prohibited.
Since the coded password produced from the user password with the use of the one-way function is written on the recording medium, the third party (including a service person) can not derive the user password from the coded password because of the characteristics of the one-way function. Thus, according to the invention of the third aspect, since in reality the third party can not obtain the user password by using whatever means, it is possible to prevent unauthorized access to the recording medium, thereby achieving a significant improvement in the security.
Moreover, while a highly secure recording medium can be provided to the users, the customer service can be improved. Furthermore, according to the invention of the third aspect, since a service person hired at a lower salary than an expert may provide a service to the defect in the recording medium while assuring the security, it is possible to lower the costs of service and maintenance.
According to another aspect of this invention, when the user inputs a password, this password is coded using a one-way function in a coding step. A password coded in the same manner is already stored in the recording medium and this password is read in a reading step. In a checking step the password (coded) input by the user and the password read out from the recording medium are compared. An access control unit permits the access to the recording medium if the two passwords match and prohibits the access when they do not. The password input by an unauthorized person will not match with the password recorded on the recording. Therefore, access to the recording medium by the unauthorized person can be prohibited.
Other objects and features of this invention will become apparent from the following description with reference to the accompanying drawings.